First accreditation issued for testing to US IPv6 product specs

By William Jackson

Feb 08, 2010

The University of New Hampshire's test lab is among the first wave of labs to be accredited to test networking products for compliance with government specifications for Internet Protocol version 6 (IPv6), which will be required for government procurements this year.

The university's InterOperability Laboratory (NH-IOL), an industry-funded independent test lab, is a pioneer in IPv6 development and was one of the organizations working with the National Institute of Standards and Technology to develop test specifications for the USGv6 profile. The lab was accredited by the American Association for Laboratory Accreditation (A2LA), a nonprofit, nongovernmental membership society designated by NIST to accredit labs for USGv6 testing.

“We were very early in the process and we have been working with NIST for a long time,” said Timothy Winters, UNH-IOL senior manager.

Because of the depletion of the current generation of IP version 4 addresses and the growth of mobile computing and peer-to-peer applications, the government is leading a move in this country to the next generation of Internet Protocols, IPv6. Government backbones have been readied for IPv6 traffic and by July 2010 all network devices containing an IP stack will have to meet IPv6 requirements now being specified by NIST under the USGv6 program. NIST developed the USGv6 profile as well as requirements for accrediting independent testing labs that will certify products to these requirements. Vendors whose products have certified by an accredited lab will be able to claim compliance as required in procurement documents.

The actual UNH-IOL accreditation was for technical competence in IT testing in accordance with the recognized International Standard ISO/IEC 17025:2005, "General Requirements for the Competence of Testing and Calibration Laboratories."

NIST has recognized A2LA to accredit testing laboratories under the USGv6 Test Program.

There are two areas of USGv6 compliance: Conformance with the specifications in the NIST profile and interoperability with other vendors’ products. Conformance testing can be done by vendors in-house if they have the proper accreditation. Interoperability testing will have to be done by a third-party lab.

The test program is intended to create an open, flexible testing infrastructure that leverages existing industry efforts while protecting early investments in IPv6 technologies by agencies. One of the goals of the compliance program is to harmonize the USGv6 profile with other non-government test programs, including the IPv6 Forum’s IPv6 Ready Logo. The IPv6 Ready Logo is also a conformance and interoperability testing program that has become the industry standard. The IPv6 Ready specifications are not as comprehensive as those in USGv6. IPv6 Ready requirements will essentially be a subset of requirements for USGv6.

“The U.S. government program is not as deep as the IPv6 Ready program,” Winters said. “But the government program is much broader. Clearly, NIST wanted to be out in front with the USGv6 Profile.”

He said he expected that profile will establish the baseline for commercial availability. “No one is going to build U.S. government-specific devices,” he said. “I think this will raise the level of what is available commercially.”

Several NIST Special Publications provide assistance with the USGv6 testing program. SP 500-273, “USGv6 Test Methods: General Description and Validation,” includes a process for inter-laboratory comparisons along with information on management of the program. Under recent revisions of the publication, accreditors offering laboratory assessment and accreditation programs must notify NIST of their intention to create USGv6 programs in order to be listed on the USGv6 website, and accreditors must notify NIST when test laboratories are accredited, together with the test methods in their scope of accreditation.

The USGv6 program is intended to set a standard for procurements going forward so that government systems eventually will be able to handle the new Internet Protocols without a major network overhaul as they go into use. Just when IPv6 will go into common use remains up in the air.

The depletion of available IPv4 addresses, expected to occur within the next two years, is a driver for outside use of IPv6. This factor is not as significant to government users, who currently are well-supplied with IPv4 addresses, but continued connectivity of the dot-gov space with the rest of the world eventually will depend on the ability to use IPv6.

“They are going to lose a portion of the people who are IPv6 networks” if they are not able to handle IPv6 natively, Winters said. “A big part of that will be in the mobile sector.”

Its use within agency networks will depend on each agency, he said, adding: “There are a lot of nice features in IPv6 that I think the government can use,” such as opportunities for improved security and ease of setting up peer-to-peer and ad hoc networks.